Search in sources :

Example 76 with PrivilegedExceptionAction

use of java.security.PrivilegedExceptionAction in project Payara by payara.

the class JAASAuthContextHelper method getModules.

/**
 * this implementation does not depend on authContextID
 *
 * @param <M>
 * @param template
 * @param authContextID (ignored by this context system)
 * @return
 * @throws AuthException
 */
@Override
public <M> M[] getModules(M[] template, String authContextID) throws AuthException {
    loadConstructors(template, authContextID);
    ArrayList<M> list = new ArrayList<M>();
    for (int i = 0; i < constructors.length; i++) {
        if (constructors[i] == null) {
            list.add(i, null);
        } else {
            final int j = i;
            try {
                list.add(j, doPrivileged(new PrivilegedExceptionAction<M>() {

                    @Override
                    @SuppressWarnings("unchecked")
                    public M run() throws InstantiationException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
                        return (M) constructors[j].newInstance(ARGS);
                    }
                }));
            } catch (PrivilegedActionException pae) {
                throw (AuthException) new AuthException().initCause(pae.getCause());
            }
        }
    }
    return list.toArray(template);
}
Also used : PrivilegedActionException(java.security.PrivilegedActionException) ArrayList(java.util.ArrayList) AuthException(javax.security.auth.message.AuthException) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)

Example 77 with PrivilegedExceptionAction

use of java.security.PrivilegedExceptionAction in project Payara by payara.

the class SecurityContext method getDefaultCallerPrincipal.

// get caller principal of unauthenticated Security Context
public static Principal getDefaultCallerPrincipal() {
    synchronized (SecurityContext.class) {
        if (defaultSecurityContext.initiator == null) {
            String guestUser = null;
            try {
                guestUser = (String) AppservAccessController.doPrivileged(new PrivilegedExceptionAction() {

                    public java.lang.Object run() throws Exception {
                        SecurityService securityService = SecurityServicesUtil.getInstance().getHabitat().getService(SecurityService.class, ServerEnvironment.DEFAULT_INSTANCE_NAME);
                        if (securityService == null)
                            return null;
                        return securityService.getDefaultPrincipal();
                    }
                });
            } catch (Exception e) {
                _logger.log(Level.SEVERE, SecurityLoggerInfo.defaultUserLoginError, e);
            } finally {
                if (guestUser == null) {
                    guestUser = "ANONYMOUS";
                }
            }
            defaultSecurityContext.initiator = new PrincipalImpl(guestUser);
        }
    }
    return defaultSecurityContext.initiator;
}
Also used : AppServSecurityContext(com.sun.enterprise.security.integration.AppServSecurityContext) AbstractSecurityContext(com.sun.enterprise.security.common.AbstractSecurityContext) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction) PrincipalImpl(org.glassfish.security.common.PrincipalImpl)

Example 78 with PrivilegedExceptionAction

use of java.security.PrivilegedExceptionAction in project checker-framework by typetools.

the class Calendar method readObject.

/**
 * Reconstitutes this object from a stream (i.e., deserialize it).
 */
private void readObject(ObjectInputStream stream) throws IOException, ClassNotFoundException {
    final ObjectInputStream input = stream;
    input.defaultReadObject();
    stamp = new int[FIELD_COUNT];
    // streamed out anymore.  We expect 'time' to be correct.
    if (serialVersionOnStream >= 2) {
        isTimeSet = true;
        if (fields == null)
            fields = new int[FIELD_COUNT];
        if (isSet == null)
            isSet = new boolean[FIELD_COUNT];
    } else if (serialVersionOnStream >= 0) {
        for (int i = 0; i < FIELD_COUNT; ++i) stamp[i] = isSet[i] ? COMPUTED : UNSET;
    }
    serialVersionOnStream = currentSerialVersion;
    // If there's a ZoneInfo object, use it for zone.
    ZoneInfo zi = null;
    try {
        zi = AccessController.doPrivileged(new PrivilegedExceptionAction<ZoneInfo>() {

            public ZoneInfo run() throws Exception {
                return (ZoneInfo) input.readObject();
            }
        }, CalendarAccessControlContext.INSTANCE);
    } catch (PrivilegedActionException pae) {
        Exception e = pae.getException();
        if (!(e instanceof OptionalDataException)) {
            if (e instanceof RuntimeException) {
                throw (RuntimeException) e;
            } else if (e instanceof IOException) {
                throw (IOException) e;
            } else if (e instanceof ClassNotFoundException) {
                throw (ClassNotFoundException) e;
            }
            throw new RuntimeException(e);
        }
    }
    if (zi != null) {
        zone = zi;
    }
    // implementation as much as possible.
    if (zone instanceof SimpleTimeZone) {
        String id = zone.getID();
        TimeZone tz = TimeZone.getTimeZone(id);
        if (tz != null && tz.hasSameRules(zone) && tz.getID().equals(id)) {
            zone = tz;
        }
    }
}
Also used : PrivilegedActionException(java.security.PrivilegedActionException) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction) IOException(java.io.IOException) OptionalDataException(java.io.OptionalDataException) ZoneInfo(sun.util.calendar.ZoneInfo) PrivilegedActionException(java.security.PrivilegedActionException) OptionalDataException(java.io.OptionalDataException) IOException(java.io.IOException) ObjectInputStream(java.io.ObjectInputStream)

Example 79 with PrivilegedExceptionAction

use of java.security.PrivilegedExceptionAction in project checker-framework by typetools.

the class Socket method getInputStream.

/**
 * Returns an input stream for this socket.
 *
 * <p> If this socket has an associated channel then the resulting input
 * stream delegates all of its operations to the channel.  If the channel
 * is in non-blocking mode then the input stream's {@code read} operations
 * will throw an {@link java.nio.channels.IllegalBlockingModeException}.
 *
 * <p>Under abnormal conditions the underlying connection may be
 * broken by the remote host or the network software (for example
 * a connection reset in the case of TCP connections). When a
 * broken connection is detected by the network software the
 * following applies to the returned input stream :-
 *
 * <ul>
 *
 *   <li><p>The network software may discard bytes that are buffered
 *   by the socket. Bytes that aren't discarded by the network
 *   software can be read using {@link java.io.InputStream#read read}.
 *
 *   <li><p>If there are no bytes buffered on the socket, or all
 *   buffered bytes have been consumed by
 *   {@link java.io.InputStream#read read}, then all subsequent
 *   calls to {@link java.io.InputStream#read read} will throw an
 *   {@link java.io.IOException IOException}.
 *
 *   <li><p>If there are no bytes buffered on the socket, and the
 *   socket has not been closed using {@link #close close}, then
 *   {@link java.io.InputStream#available available} will
 *   return {@code 0}.
 *
 * </ul>
 *
 * <p> Closing the returned {@link java.io.InputStream InputStream}
 * will close the associated socket.
 *
 * @return     an input stream for reading bytes from this socket.
 * @exception  IOException  if an I/O error occurs when creating the
 *             input stream, the socket is closed, the socket is
 *             not connected, or the socket input has been shutdown
 *             using {@link #shutdownInput()}
 *
 * @revised 1.4
 * @spec JSR-51
 */
public InputStream getInputStream() throws IOException {
    if (isClosed())
        throw new SocketException("Socket is closed");
    if (!isConnected())
        throw new SocketException("Socket is not connected");
    if (isInputShutdown())
        throw new SocketException("Socket input is shutdown");
    final Socket s = this;
    InputStream is = null;
    try {
        is = AccessController.doPrivileged(new PrivilegedExceptionAction<InputStream>() {

            public InputStream run() throws IOException {
                return impl.getInputStream();
            }
        });
    } catch (java.security.PrivilegedActionException e) {
        throw (IOException) e.getException();
    }
    return is;
}
Also used : InputStream(java.io.InputStream) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction)

Example 80 with PrivilegedExceptionAction

use of java.security.PrivilegedExceptionAction in project karaf by apache.

the class KarafTestSupport method executeCommand.

/**
 * Executes a shell command and returns output as a String.
 * Commands have a default timeout of 10 seconds.
 *
 * @param command    The command to execute.
 * @param timeout    The amount of time in millis to wait for the command to execute.
 * @param silent     Specifies if the command should be displayed in the screen.
 * @param principals The principals (e.g. RolePrincipal objects) to run the command under
 * @return
 */
protected String executeCommand(final String command, final Long timeout, final Boolean silent, final Principal... principals) {
    waitForCommandService(command);
    String response;
    final ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
    final PrintStream printStream = new PrintStream(byteArrayOutputStream);
    final SessionFactory sessionFactory = getOsgiService(SessionFactory.class);
    final Session session = sessionFactory.create(System.in, printStream, System.err);
    final Callable<String> commandCallable = () -> {
        try {
            if (!silent) {
                System.err.println(command);
            }
            Object result = session.execute(command);
            if (result != null) {
                session.getConsole().println(result.toString());
            }
        } catch (Exception e) {
            throw new RuntimeException(e.getMessage(), e);
        }
        printStream.flush();
        return byteArrayOutputStream.toString();
    };
    FutureTask<String> commandFuture;
    if (principals.length == 0) {
        commandFuture = new FutureTask<>(commandCallable);
    } else {
        // If principals are defined, run the command callable via Subject.doAs()
        commandFuture = new FutureTask<>(() -> {
            Subject subject = new Subject();
            subject.getPrincipals().addAll(Arrays.asList(principals));
            return Subject.doAs(subject, (PrivilegedExceptionAction<String>) commandCallable::call);
        });
    }
    try {
        executor.submit(commandFuture);
        response = commandFuture.get(timeout, TimeUnit.MILLISECONDS);
    } catch (TimeoutException e) {
        e.printStackTrace(System.err);
        response = "SHELL COMMAND TIMED OUT: ";
    } catch (ExecutionException e) {
        Throwable cause = e.getCause() != null ? (e.getCause().getCause() != null ? e.getCause().getCause() : e.getCause()) : e;
        throw new RuntimeException(cause.getMessage(), cause);
    } catch (InterruptedException e) {
        throw new RuntimeException(e.getMessage(), e);
    }
    return response;
}
Also used : SessionFactory(org.apache.karaf.shell.api.console.SessionFactory) PrintStream(java.io.PrintStream) ByteArrayOutputStream(java.io.ByteArrayOutputStream) PrivilegedExceptionAction(java.security.PrivilegedExceptionAction) TimeoutException(java.util.concurrent.TimeoutException) InvalidSyntaxException(org.osgi.framework.InvalidSyntaxException) RerunTestException(org.ops4j.pax.exam.RerunTestException) IOException(java.io.IOException) ExecutionException(java.util.concurrent.ExecutionException) Subject(javax.security.auth.Subject) ExecutionException(java.util.concurrent.ExecutionException) Session(org.apache.karaf.shell.api.console.Session) TimeoutException(java.util.concurrent.TimeoutException)

Aggregations

PrivilegedExceptionAction (java.security.PrivilegedExceptionAction)387 IOException (java.io.IOException)199 PrivilegedActionException (java.security.PrivilegedActionException)135 Test (org.junit.Test)104 Connection (org.apache.hadoop.hbase.client.Connection)81 UserGroupInformation (org.apache.hadoop.security.UserGroupInformation)76 Table (org.apache.hadoop.hbase.client.Table)62 TableName (org.apache.hadoop.hbase.TableName)57 Result (org.apache.hadoop.hbase.client.Result)56 Scan (org.apache.hadoop.hbase.client.Scan)55 ResultScanner (org.apache.hadoop.hbase.client.ResultScanner)53 Delete (org.apache.hadoop.hbase.client.Delete)48 InterruptedIOException (java.io.InterruptedIOException)47 Cell (org.apache.hadoop.hbase.Cell)38 CellScanner (org.apache.hadoop.hbase.CellScanner)38 Configuration (org.apache.hadoop.conf.Configuration)36 File (java.io.File)33 AuthorizationException (org.apache.hadoop.security.authorize.AuthorizationException)33 Path (org.apache.hadoop.fs.Path)23 ArrayList (java.util.ArrayList)22